Make HTTP and service key symlinks relative to base.key.pem

2026-03-28 10:33:05 +01:00
parent b3f045ee21
commit bd34efc598
+10 -8
@@ -29,9 +29,10 @@
# Project Home: https://dev.town-square.de/cb601/dyntls # Project Home: https://dev.town-square.de/cb601/dyntls
# #
############################################################################### ###############################################################################
# MIT License # MIT License
# #
# Copyright (c) 2025 CB-601 - the open tec Elevator <mail@opensource-technology.de> # Copyright (c) 2026 CB-601 - the open tec Elevator <mail@opensource-technology.de>
# #
# Permission is hereby granted, free of charge, to any person obtaining a copy # Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal # of this software and associated documentation files (the "Software"), to deal
@@ -875,12 +876,13 @@ _ProvideCertDomainService() {
# Provide server key: either symlink to base or copy unique key # Provide server key: either symlink to base or copy unique key
KeyPath="$EffectivePkiDir/private/$DYNTLS_MEMBER_HOSTNAME.$DYNTLS_PKI_KEY_SUFFIX" KeyPath="$EffectivePkiDir/private/$DYNTLS_MEMBER_HOSTNAME.$DYNTLS_PKI_KEY_SUFFIX"
if [ "$DYNTLS_PKI_KEY_LNS" -eq 1 ]; then if [ "$DYNTLS_PKI_KEY_LNS" -eq 1 ]; then
_log "Create a symlink '$EffectivePkiDir/private/base.$DYNTLS_PKI_KEY_SUFFIX' to '$KeyPath'." 1 _log "Using relative symlink for service key: $KeyPath -> $DYNTLS_PKI_SERVER_BASEKEY_FILE" 1
ln -sf "$EffectivePkiDir/private/base.$DYNTLS_PKI_KEY_SUFFIX" "$KeyPath" ln -sf "$DYNTLS_PKI_SERVER_BASEKEY_FILE" "$KeyPath"
else else
_log "Copy unique key from '$DYNTLS_PKI_HTTP_KEY_DIR/$DYNTLS_MEMBER_HOSTNAME.$DYNTLS_PKI_KEY_SUFFIX' to '$EffectivePkiDir/private/$DYNTLS_MEMBER_HOSTNAME.$DYNTLS_PKI_KEY_SUFFIX'." 1 _log "Using dedicated service key copy at: $KeyPath (source: $EffectivePkiDir/private/$DYNTLS_PKI_SERVER_BASEKEY_FILE)" 1
cp "$DYNTLS_PKI_HTTP_KEY_DIR/$DYNTLS_MEMBER_HOSTNAME.$DYNTLS_PKI_KEY_SUFFIX" "$EffectivePkiDir/private/" cp "$EffectivePkiDir/private/$DYNTLS_PKI_SERVER_BASEKEY_FILE" "$KeyPath"
fi fi
# Adjust ownership and permissions on .pem files # Adjust ownership and permissions on .pem files
@@ -1077,10 +1079,10 @@ _create_cert() {
_log "Planned server key path: $KeyFile" 1 _log "Planned server key path: $KeyFile" 1
if [ "$DYNTLS_PKI_KEY_LNS" -eq 1 ]; then if [ "$DYNTLS_PKI_KEY_LNS" -eq 1 ]; then
_log "Linking base server key to: $KeyFile" 1 _log "Using relative symlink for server key: $KeyFile -> $DYNTLS_PKI_SERVER_BASEKEY_FILE" 1
ln -sf "$DYNTLS_PKI_SERVER_BASEKEY" "$KeyFile" ln -sf "$DYNTLS_PKI_SERVER_BASEKEY_FILE" "$KeyFile"
else else
_log "Copying dedicated server key to: $KeyFile" 1 _log "Using dedicated server key copy at: $KeyFile (source: $DYNTLS_PKI_SERVER_BASEKEY)" 1
cp -a "$DYNTLS_PKI_SERVER_BASEKEY" "$KeyFile" cp -a "$DYNTLS_PKI_SERVER_BASEKEY" "$KeyFile"
fi fi
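Review bot: In the copy branch of `_ProvideCertDomainService`, the new `cp` reads `$EffectivePkiDir/private/$DYNTLS_PKI_SERVER_BASEKEY_FILE` instead of the per-host file under `$DYNTLS_PKI_HTTP_KEY_DIR`, so the key logged as a "dedicated service key copy" is now a byte copy of the shared base key. The commit title only mentions symlinks, so please confirm this is intended, since every service provisioned through this branch would then hold the same private key. That `cp` also creates the key with umask-default permissions until the ownership/permission step after the `fi`; `( umask 077; cp -- "$EffectivePkiDir/private/$DYNTLS_PKI_SERVER_BASEKEY_FILE" "$KeyPath" )` would close that window. In both symlink branches (here and in `_create_cert`) the relative target resolves against the link's own directory, so a check such as `[ -f "$(dirname "$KeyPath")/$DYNTLS_PKI_SERVER_BASEKEY_FILE" ]` before `ln -sfn` would avoid leaving a dangling link; none of these `ln`/`cp` calls has its exit status checked. Both function bodies continue outside the hunks shown.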